2026-05-05
LLM04:2025 — Data and Model Poisoning
Welcome to Securing the Stochastic : A Field Guide to the OWASP LLM Top 10, part 4 ; LLM04:2025 — Data and Model Poisoning.
AI SecurityGRCPrivacySecurity
Writing
Blog
Blog posts, build logs, Medium migrations, and field notes across security, GRC, AI governance, privacy, open source, and languages.
23 postsSecurity, GRC, AI governance, privacy, cloud, and practical engineering notes.
RSS feed
2026-03-22
OWASP LLM03:2025 — Supply Chain Vulnerabilities : The Threat That Arrives Before You Write a Single…
Welcome to the part 3 of the series Securing the Stochastic — A Field Guide to the OWASP LLM Top 10.
AI SecurityGRCPrivacyCloud Security
2026-02-23
OWASP LLM02:2025 Sensitive Information Disclosure
When Your AI Becomes an Accidental Whistleblower
AI SecurityGRCPrivacyCloud Security
2026-01-08
We are no longer securing databases; we are securing probabilistic reasoning engines.
Part 1: The Core Paradigm Shift & Prompt Injection (LLM01)
AI SecurityGRCPrivacyCloud Security
2025-12-01
Practical Approach to What You Need to Know About the SHA1-Hulud Supply Chain Attack
Section 1—Executive Summary (Non-Technical)
AI SecurityGRCCloud SecuritySecurity
2025-11-13
What is GRC (and GRC Engineering) , and why is it more complicated than you think!
Imagine you're fed up with corporate and you start a filter coffee stand in Namma Bengaluru. In most non-technical fashion: you buy coffee…
AI SecurityGRCPrivacyCloud Security
2025-08-04
Hardening Your Kubernetes Fortress, Part 1: Auditing with kube-bench
Kubernetes has won the container orchestration war, but managing its security can feel like defending a medieval fortress. With countless…
GRCCloud SecuritySecurity
2025-04-22
Cloud Control Freak—IAM : Taming Access the GRC Engineering Way
Welcome to the series (Cloud Control Freak—the GRC way) of articles focused on GRC Engineering <> AWS. This series is for all GRC…
GRCCloud SecuritySecurity
2025-01-27
Put Privacy First : The 7-Point Guide to Privacy By Design
As we celebrate the Data Privacy Day (28th January 2025), the concerns related to Data Privacy keep on increasing across the globe with…
AI SecurityGRCPrivacyCloud Security
2024-12-14
RBI's Master Direction on IT Outsourcing: Ensuring Compliance and Building Trust
It has been more than a year since the Reserve Bank of India (hereafter referred as \"RBI\") launched the Master Direction on Outsourcing of…
GRCPrivacyCloud SecuritySecurity
2024-11-30
Divide and Conquer: Shared Security in the Cloud
In today's digital age, cloud computing has become an indispensable tool for businesses of all sizes. The flexibility, scalability, and…
AI SecurityCloud SecuritySecurity
2024-11-04
Strengthening Your AWS Security Posture with Security Hub
There have been a lot of InfoSec groups/forums where questions around AWS Security Hub are asked. I have observed that the people asking…
AI SecurityGRCPrivacyCloud Security
2024-06-15
All you need to know and do for becoming SOC 2 Type II Compliant
Why do you need a SOC 2 Type II report, what does it mean and how to get it?
GRCPrivacyCloud SecuritySecurity
2024-02-25
From Numbers to Impact: Making Sense of CVSS V4.0 Score with Practical Examples
In today's ever-evolving cybersecurity landscape, prioritising vulnerabilities effectively is critical. The Common Vulnerability Scoring…
Security
2024-02-10
The real meaning of OWASP Top 10 Mobile 2024 list from Security and Privacy Viewpoints
Recently, the final list of top 10 mobile application vulnerabilities has been released by OWASP. The last one was released in 2016. The…
GRCPrivacySecurity
2023-11-05
A Deep Dive into Zero Trust Architecture
Any organisation or business becomes successful only if it is trusted by its customers and investors. When it comes to organisations…
Cloud SecuritySecurity
2023-09-16
Personally Identifiable Information (PII)—Why so important and how to protect it?
Recently, the Government of India brought the DPDP (Digital Personal Data Protection) act and since then, I have been reading a lot of…
PrivacySecurity
2023-05-27
Guarding Your Virtual Fortress : A step-by-step Guide to Install Wazuh on a Virtual Machine | Part…
While I was trying to explore more and more things in the defensive security, I thought of learning in detail about SIEM and Wazuh. The…
GRCSecurity
2023-03-05
Cool Linux Commands
Some days back when I was bored at work and trying to do some random things on my Linux terminal, I came across a very funny and unusual…
Security
2022-11-02
Hack Android Device using Linux
In this article, we will be hacking an android device using Kali Linux. You need only a Linux based machine, a stable internet connection…
Security
2022-09-25
Vulnhub MoneyBox Walkthrough
What are VulnHub and MoneyBox?
Security
2022-09-17
Using Steganography tools in Linux
Before going towards the technical part of this article, let us understand what is meant by Steganography.
Security
2022-08-28
Installing Docker on Kali Linux
Understanding Docker + Installation on Kali Linux
Cloud SecuritySecurity